diff --git a/Shorewall/Perl/Shorewall/Raw.pm b/Shorewall/Perl/Shorewall/Raw.pm
index 1713690ec..4a11c1a7c 100644
--- a/Shorewall/Perl/Shorewall/Raw.pm
+++ b/Shorewall/Perl/Shorewall/Raw.pm
@@ -87,24 +87,26 @@ sub process_notrack_rule( $$$$$$$ ) {
 		$action = "CT --helper $args";
 		$exception_rule = do_proto( $proto, '-', '-' );
 
-		for my $mod ( split ',', $modifiers ) {
+		for my $mod ( split_list1( $modifiers, 'ctevents' ) ) {
 		    fatal_error "Invalid helper option ($mod)" unless $mod =~ /^(\w+)=(.+)$/;
-		    $mod  = $1;
-		    $args = $2;
+		    $mod    = $1;
+		    my $val = $2;
 		    
 		    if ( $mod eq 'ctevents' ) {
-			for ( split ',', $args ) {
+			for ( split_list( $val, 'ctevents' ) ) {
 			    fatal_error "Invalid 'ctevents' event ($_)" unless $valid_ctevent{$_};
 			}
 
-			$action .= " --ctevents $args";
+			$action .= " --ctevents $val";
 		    } elsif ( $mod eq 'expevents' ) {
-			fatal_error "Invalid expevent argument ($args)" unless $args eq 'new';
+			fatal_error "Invalid expevent argument ($val)" unless $val eq 'new';
 			$action .= ' --expevents new';
 		    } else {
 			fatal_error "Invalid helper option ($mod)";
 		    }
 		}
+	    } else {
+		fatal_error "Invalid CT option ($option)";
 	    }
 	}
     }
diff --git a/Shorewall/manpages/shorewall-conntrack.xml b/Shorewall/manpages/shorewall-conntrack.xml
index 022acfebb..33289134e 100644
--- a/Shorewall/manpages/shorewall-conntrack.xml
+++ b/Shorewall/manpages/shorewall-conntrack.xml
@@ -199,7 +199,10 @@
                   role="bold">helper</emphasis>, <emphasis
                   role="bold">mark</emphasis> (this is connection mark, not
                   packet mark), <emphasis role="bold">natseqinfo</emphasis>,
-                  and <emphasis role="bold">secmark</emphasis>.</para>
+                  and <emphasis role="bold">secmark</emphasis>. If more than
+                  one <emphasis>event</emphasis> is listed, the
+                  <replaceable>event</replaceable> list must be enclosed in
+                  parentheses (e.g., ctevents=(new,related)).</para>
                 </listitem>
 
                 <listitem>
diff --git a/Shorewall6/manpages/shorewall6-conntrack.xml b/Shorewall6/manpages/shorewall6-conntrack.xml
index a3cb5c4d5..a1eab9dd5 100644
--- a/Shorewall6/manpages/shorewall6-conntrack.xml
+++ b/Shorewall6/manpages/shorewall6-conntrack.xml
@@ -102,7 +102,10 @@
                   role="bold">helper</emphasis>, <emphasis
                   role="bold">mark</emphasis> (this is connection mark, not
                   packet mark), <emphasis role="bold">natseqinfo</emphasis>,
-                  and <emphasis role="bold">secmark</emphasis>.</para>
+                  and <emphasis role="bold">secmark</emphasis>. If more than
+                  one <emphasis>event</emphasis> is listed, the
+                  <replaceable>event</replaceable> list must be enclosed in
+                  parentheses (e.g., ctevents=(new,related)).</para>
                 </listitem>
 
                 <listitem>